I’m out of the loop, what’s the context for all this?
I’m out of the loop, what’s the context for all this?
All I see is hunter2
Sorry, I sneezed
Oh weird, it wasn’t returning anything a few minutes ago. I wonder if we pissed then off lol
It’s essentially to add a unique salt to each machine that’s doing this, otherwise they’d all be generating the same hash from identical timestamps. Afaik, sha hashes are still considered secure; and it’s very unlikely they’d even try to crack one. But even if they did try and were successful, there isn’t really anything nefarious they can do with your machines local name.
Here’s a quick bash script if anyone wants to help flood the attackers with garbage data to hopefully slow them down: while true; do curl https://zelensky.zip/save/$(echo $(hostname) $(date) | shasum | sed 's/.\{3\}$//' | base64); sleep 1; done
Once every second, it grabs your computer name and the current system time, hashes them together to get a completely random string, trims off the shasum control characters and base64 encodes it to make everything look similar to what the attackers would be expecting, and sends it as a request to the same endpoint that their xss attack uses. It’ll run on Linux and macOS (and windows if you have a WSL vm set up!) and uses next to nothing in terms of system resources.
The encoded strings are https://zelensky(dot)zip/save/
and navAdmin
Not just that, it looks for a navAdmin
cookie in your browser and sends that to zelensky(dot)zip/save/<your cookie here>
in the form of a GET request.
It’s pretty common for a laptop to have a dedicated gpu, plus the integrated gpu that’s actually part of the cpu.
Relevant: https://youtu.be/Fb7N-JtQWGI
Netflix rolled out av1 support for a handful of Samsung smart TV’s about a year and a half ago, then kinda shoved the project under the rug and never mentioned it again. My guess is that the added costs of having to store their entire library twice plus having to re-encode everything made it uneconomical. Besides, av1 doesn’t have a bandwidth advantage over h.265; all of the comparisons that Google likes to use to show off the codec are av1 vs h.264, which is pretty sneaky and misleading imo.
No arguments about it being a good TV, but the vast majority of people do not have shiny new LG oled TV’s. Hell, most people are still using old 1080p lcd’s without any smart TV features, and the people who have got new TV’s over the past few years tend to skew heavily towards buying relatively cheap 4k TV’s that may not have any smart TV features (after all; if i already have a roku/apple tv/chromecast/etc that covers all of my streaming needs, why would I pay a huge premium to get these features a second time?)
The trouble with AV1 is that it’s about a decade behind h.265 in terms of hardware support. Most people aren’t upgrading their gpus every single generation, so by the time AV1-compatible hardware starts to see significant market share, it’s pretty likely that h.266-compatible hardware will be on the market as well.
Of course, there’s also software encoders; but benchmarks of current software encoders put av1 anywhere between 50-1000x slower than x265 for comparable quality and bitrate.
It’s definitely cool that people are working on a royalty-free video codec, but h.265 is the undeniable king for the time being.
Holy shit, she’s even crazier than I thought, yikes